forked from fa/breadcrumb-the-shire
refactor(pages): replace superglobals with request/session abstractions
This commit is contained in:
@@ -1,11 +1,14 @@
|
||||
<?php
|
||||
|
||||
use MintyPHP\Buffer;
|
||||
use MintyPHP\Http\SessionStoreInterface;
|
||||
use MintyPHP\Router;
|
||||
use MintyPHP\Service\Auth\AuthServicesFactory;
|
||||
use MintyPHP\Session;
|
||||
use MintyPHP\Support\Flash;
|
||||
|
||||
$sessionStore = app(SessionStoreInterface::class);
|
||||
|
||||
$request = requestInput();
|
||||
$errorBag = formErrors();
|
||||
$errors = [];
|
||||
@@ -19,7 +22,7 @@ if ($request->isMethod('POST')) {
|
||||
$errorBag->addGlobal(t('Please enter a valid email address'));
|
||||
} else {
|
||||
$passwordResetService->requestReset($email);
|
||||
$_SESSION['password_reset_email'] = $email;
|
||||
$sessionStore->set('password_reset_email', $email);
|
||||
Flash::success(
|
||||
t('If the email exists, a verification code has been sent.'),
|
||||
'password/verify',
|
||||
|
||||
@@ -1,5 +1,7 @@
|
||||
<?php
|
||||
|
||||
use MintyPHP\Http\RequestRuntimeInterface;
|
||||
use MintyPHP\Http\SessionStoreInterface;
|
||||
use MintyPHP\Router;
|
||||
use MintyPHP\Service\Auth\AuthServicesFactory;
|
||||
use MintyPHP\Service\Security\SecurityServicesFactory;
|
||||
@@ -8,7 +10,11 @@ use MintyPHP\Service\User\UserServicesFactory;
|
||||
use MintyPHP\Session;
|
||||
use MintyPHP\Support\Flash;
|
||||
|
||||
if (!empty($_SESSION['user']['id'])) {
|
||||
$requestRuntime = app(RequestRuntimeInterface::class);
|
||||
$sessionStore = app(SessionStoreInterface::class);
|
||||
$session = $sessionStore->all();
|
||||
|
||||
if (!empty($session['user']['id'])) {
|
||||
if (Flash::has()) {
|
||||
Flash::keep();
|
||||
}
|
||||
@@ -146,7 +152,7 @@ if (requestInput()->method() === 'POST') {
|
||||
} else {
|
||||
$postedStage = trim((string) (requestInput()->bodyAll()['stage'] ?? 'resolve_email'));
|
||||
$email = trim((string) (requestInput()->bodyAll()['email'] ?? ''));
|
||||
$clientIp = trim((string) ($_SERVER['REMOTE_ADDR'] ?? ''));
|
||||
$clientIp = trim((string) ($requestRuntime->ip()));
|
||||
if ($clientIp === '') {
|
||||
$clientIp = 'unknown';
|
||||
}
|
||||
@@ -253,7 +259,7 @@ if (requestInput()->method() === 'POST') {
|
||||
$result = $authService->login($email, $password);
|
||||
if (!($result['ok'] ?? false)) {
|
||||
if (!empty($result['needs_verification'])) {
|
||||
$_SESSION['email_verification_email'] = $result['email'] ?? $email;
|
||||
$sessionStore->set('email_verification_email', $result['email'] ?? $email);
|
||||
Flash::error(t('Please verify your email first'), 'verify-email', 'login_not_verified');
|
||||
Router::redirect('verify-email');
|
||||
return;
|
||||
@@ -270,7 +276,8 @@ if (requestInput()->method() === 'POST') {
|
||||
$setRateLimitWarning((int) ($passwordFailureResult['retry_after'] ?? $loginPasswordBlock));
|
||||
}
|
||||
} else {
|
||||
$userId = (int) ($_SESSION['user']['id'] ?? 0);
|
||||
$authenticatedUser = $sessionStore->get('user', []);
|
||||
$userId = (int) (is_array($authenticatedUser) ? ($authenticatedUser['id'] ?? 0) : 0);
|
||||
if ($userId <= 0 || !$authService->canLoginToTenant($userId, $selectedTenantId)) {
|
||||
$authService->logout();
|
||||
$setLoginWarning(t('No access to this tenant'));
|
||||
|
||||
@@ -1,10 +1,13 @@
|
||||
<?php
|
||||
|
||||
use MintyPHP\Http\SessionStoreInterface;
|
||||
use MintyPHP\Router;
|
||||
use MintyPHP\Service\Auth\AuthServicesFactory;
|
||||
use MintyPHP\Service\User\UserServicesFactory;
|
||||
use MintyPHP\Support\Flash;
|
||||
|
||||
$sessionStore = app(SessionStoreInterface::class);
|
||||
|
||||
$request = requestInput();
|
||||
$error = false;
|
||||
if (!allowRegistration()) {
|
||||
@@ -32,7 +35,7 @@ if ($request->hasBody('email')) {
|
||||
$error = $result['error'] ?? t('User can not be registered');
|
||||
} else {
|
||||
// Store email in session for verify-email page
|
||||
$_SESSION['email_verification_email'] = $result['email'] ?? $email;
|
||||
$sessionStore->set('email_verification_email', $result['email'] ?? $email);
|
||||
Flash::success(t('Registration successful! Please check your email for the verification code.'), 'verify-email', 'registration_success');
|
||||
Router::redirect('verify-email');
|
||||
}
|
||||
|
||||
@@ -1,12 +1,16 @@
|
||||
<?php
|
||||
|
||||
use MintyPHP\Buffer;
|
||||
use MintyPHP\Http\SessionStoreInterface;
|
||||
use MintyPHP\Router;
|
||||
use MintyPHP\Service\Auth\AuthServicesFactory;
|
||||
use MintyPHP\Service\User\UserServicesFactory;
|
||||
use MintyPHP\Session;
|
||||
use MintyPHP\Support\Flash;
|
||||
|
||||
$sessionStore = app(SessionStoreInterface::class);
|
||||
$session = $sessionStore->all();
|
||||
|
||||
$request = requestInput();
|
||||
$errorBag = formErrors();
|
||||
$errors = [];
|
||||
@@ -14,7 +18,7 @@ $password = (string) $request->body('password', '');
|
||||
$password2 = (string) $request->body('password2', '');
|
||||
$passwordResetService = (app(AuthServicesFactory::class))->createPasswordResetService();
|
||||
|
||||
$resetId = (int) ($_SESSION['password_reset_id'] ?? 0);
|
||||
$resetId = (int) ($session['password_reset_id'] ?? 0);
|
||||
if ($resetId <= 0) {
|
||||
Router::redirect('password/forgot');
|
||||
}
|
||||
@@ -25,8 +29,8 @@ if ($request->isMethod('POST')) {
|
||||
} else {
|
||||
$result = $passwordResetService->resetPassword($resetId, $password, $password2);
|
||||
if ($result['ok'] ?? false) {
|
||||
unset($_SESSION['password_reset_id']);
|
||||
unset($_SESSION['password_reset_email']);
|
||||
$sessionStore->remove('password_reset_id');
|
||||
$sessionStore->remove('password_reset_email');
|
||||
Flash::success(t('Password updated'), 'login', 'password_updated');
|
||||
Router::redirect('login');
|
||||
} else {
|
||||
|
||||
@@ -1,15 +1,19 @@
|
||||
<?php
|
||||
|
||||
use MintyPHP\Buffer;
|
||||
use MintyPHP\Http\SessionStoreInterface;
|
||||
use MintyPHP\Router;
|
||||
use MintyPHP\Service\Auth\AuthServicesFactory;
|
||||
use MintyPHP\Session;
|
||||
use MintyPHP\Support\Flash;
|
||||
|
||||
$sessionStore = app(SessionStoreInterface::class);
|
||||
$session = $sessionStore->all();
|
||||
|
||||
$request = requestInput();
|
||||
$errorBag = formErrors();
|
||||
$errors = [];
|
||||
$email = trim((string) $request->body('email', $_SESSION['password_reset_email'] ?? ''));
|
||||
$email = trim((string) $request->body('email', $session['password_reset_email'] ?? ''));
|
||||
$code = trim((string) $request->body('code', ''));
|
||||
$passwordResetService = (app(AuthServicesFactory::class))->createPasswordResetService();
|
||||
|
||||
@@ -23,8 +27,8 @@ if ($request->isMethod('POST')) {
|
||||
} else {
|
||||
$result = $passwordResetService->verifyCode($email, $code);
|
||||
if ($result['ok'] ?? false) {
|
||||
$_SESSION['password_reset_id'] = (int) $result['reset_id'];
|
||||
unset($_SESSION['password_reset_email']);
|
||||
$sessionStore->set('password_reset_id', (int) $result['reset_id']);
|
||||
$sessionStore->remove('password_reset_email');
|
||||
Flash::success(t('Code verified'), 'password/reset', 'reset_verified');
|
||||
Router::redirect('password/reset');
|
||||
} else {
|
||||
|
||||
@@ -1,15 +1,19 @@
|
||||
<?php
|
||||
|
||||
use MintyPHP\Buffer;
|
||||
use MintyPHP\Http\SessionStoreInterface;
|
||||
use MintyPHP\Router;
|
||||
use MintyPHP\Service\Auth\AuthServicesFactory;
|
||||
use MintyPHP\Session;
|
||||
use MintyPHP\Support\Flash;
|
||||
|
||||
$sessionStore = app(SessionStoreInterface::class);
|
||||
$session = $sessionStore->all();
|
||||
|
||||
$request = requestInput();
|
||||
$errorBag = formErrors();
|
||||
$errors = [];
|
||||
$email = trim((string) $request->body('email', $_SESSION['email_verification_email'] ?? ''));
|
||||
$email = trim((string) $request->body('email', $session['email_verification_email'] ?? ''));
|
||||
$code = trim((string) $request->body('code', ''));
|
||||
$emailVerificationService = (app(AuthServicesFactory::class))->createEmailVerificationService();
|
||||
|
||||
@@ -42,7 +46,7 @@ if ($request->isMethod('POST')) {
|
||||
} else {
|
||||
$result = $emailVerificationService->verifyCode($email, $code);
|
||||
if ($result['ok'] ?? false) {
|
||||
unset($_SESSION['email_verification_email']);
|
||||
$sessionStore->remove('email_verification_email');
|
||||
|
||||
Flash::success(t('Email verified successfully! Please login.'), 'login', 'email_verified');
|
||||
Router::redirect('login');
|
||||
|
||||
Reference in New Issue
Block a user